Sudo vs Su [Linux] (MTE Explains)

If you have ever dabbled with the command line in Linux (who don’t?), you are sure to come across the command “sudo” and “su”. While veteran users know exactly what they mean, new Linux users are always confused when to use which and the implication and complication involving with both. In this article, we will explain in detail what “sudo” and “su” is, the difference between them and when to use them.

Linux basics

During the installation of Linux, it will prompt you to create an user account and set your own password. Once the installation is completed and the system rebooted, you will be prompted to login to the user account that you have previously created. Once you are in this user environment, you are your own administrator and you can run applications and customize the desktop to your own liking. This is pretty much the same as in Windows and Mac. You also have your own personal Home folder where you can add/remove any folder to and from it. That is pretty much everything you can do. Outside of your Home folder (i.e, the root folder), you will find that most (if not, all) of the file systems are not accessible to you.

While you can access and read the files in those folders, you won’t be able to make changes to them. The reason is because you don’t have sufficient permission.

User Permission

The user permission feature is one security feature that protects Linux users. With your administrator account, you are given permission to manage everything within your Home folder (and the external partition or hard drive that you have mounted). Outside of that, you will need root permission to make changes to the system file, including installing and uninstalling applications. The separation of the administrator account and the root account makes sure that you don’t mess up your system unnecessary and makes it harder for hacker/virus/malware to get into your root system.

Note: Unlike Windows, being the administrator of your own user account doesn’t mean you have root access to the system. You can’t just install/uninstall applications just by double-clicking on the the installer. In Linux, you will have to enter your password to elevate your user account before you can install/uninstall an app. This also means that things don’t get installed unless you give explicit permission to.

The existence of “sudo” and “su” is to allow you to gain root access so you can become the true administrator of your own system.

SU

“su” stands for “superuser” and allows you to login as root and do whatever you want with the system. It can be run with the command:

su

and it requires you to enter the password of the root account. In some distro, particularly Ubuntu, the root password is not set during installation. This makes it practically impossible to login as root (using “su”) since it cannot be authenticated.

If you really need to use the “su” command to get root access, you can change the root password by using the command:

sudopasswd root

By default, “su” logs you in as root in your own user environment. To change the user environment to root, use the command:

su -

Other usage of “su” include:

Switching to another user who is not the superuser

su<username>

Switching to another user and use that user environment

su - <username>

As can be seen, using the “su” command gives you great power to administer and modify your system, and if unchecked (or if you are inexperienced), it could be destructive to your system.

Note: As much as possible, do not to use “su” to administer your system.

SUDO

“sudo” stands for “superuser do” and it allows you to elevate your current user account to have root privilege temporarily. This is different from “su”. With “sudo”, you are still using your user account, but with root privilege, whereas in “su”, you are logged in to the root account. In addition, the root privilege in “sudo” is only valid for a short period of time. Once it expires, you have to enter your password again to regain root privilege.

With “sudo”, you can do pretty much the same stuff as “su”. To use it, you just have to add “sudo” in front of all root commands, for example:

sudoapt-get updatesudoapt-get upgrade

In some instances, if you really need to login as root, instead of using “su”, it is better to use:

sudo-i

to start a root shell. This allows you to login as root with your own user password.

You can also login as another user

sudo-i-u<username>

Conclusion

This is a basic introductory article to “sudo” and “su”. If you are a newbie, it is advisable to keep your hands off “su” and use “sudo” if required. For basic users, using “sudo” for most root commands suffice. For over 6 years of using Linux, I have not come across an instance where I need to use “su” or “sudo -i”.

For administering server, some will argue that you need to be root all the time to carry out maintenance and perform any other task. This may be true, but in my personal experience, if you install “sudo”, create a new user and add this user to the sudo group, you can do pretty much everything with the limited user account and sudo command. In fact, I would think this is a more secure way of administering your server. Tell me if I am wrong.